ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-02-21 14:16:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
591 Commits 2 Branches 6 Tags 41 MiB
8dc1e3c5fe
Commit Graph

175 Commits

Author SHA1 Message Date
Mehtab Zafar
8dc1e3c5fe
Update TTY shell command for python 
Made the command to use python3 because mostly now the machines have python3 installed.
 2020-01-10 17:57:53 +05:30
Ayoma Wijethunga
7f34c01794 Change IP and port to a common value across commands 2020-01-09 16:20:49 +05:30
Ayoma Wijethunga
96b9adb98b Change IP and port to a common value across commands 2020-01-09 16:17:35 +05:30
Swissky
742c7ee3c2 AppLocker rules 2020-01-06 23:03:54 +01:00
Swissky
71171fa78b SSRF exploiting WSGI 2020-01-05 22:11:28 +01:00
Swissky
3a9b9529cb Mimikatz - Credential Manager & DPAPI 2020-01-05 17:27:02 +01:00
Swissky
73abdeed71 Kerberos AD GPO 2020-01-05 16:28:00 +01:00
Swissky
b052f78d95 Blacklist3r and Machine Key 2020-01-02 23:33:04 +01:00
György Demarcsek
9c188139ec
Added PHP reverse shell 
This reverse shell payload for PHP works even if `exec` is disabled and/or the new socket is not on fd 3
 2020-01-02 19:27:35 +01:00
Swissky
0a6ac284c9 AdminSDHolder Abuse 2019-12-30 19:55:47 +01:00
Swissky
bcb24c9866 Abusing Active Directory ACLs/ACEs 2019-12-30 14:22:10 +01:00
Swissky
4b10c5e302 AD mitigations 2019-12-26 12:09:23 +01:00
Swissky
1535c5f1b3 Kubernetes - Privileged Service Account Token 2019-12-20 11:33:25 +01:00
Swissky
cf5a4b6e97 XSLT injection draft 2019-12-17 21:13:59 +01:00
Swissky
896e262531 Privilege impersonation and GraphQL SQLi 2019-12-11 16:59:14 +01:00
Swissky
6f4a28ef66 Slim RCE + CAP list 2019-12-05 23:06:53 +01:00
Swissky
c60f264664 RDP backdoor + RDP session takeover 2019-11-26 23:39:14 +01:00
Swissky
06864b0ff8 Password spraying rewrite + Summary fix 2019-11-25 23:35:20 +01:00
Swissky
3abaa3e23d Linux AD - Keyring, Keytab, CCACHE 2019-11-25 23:12:06 +01:00
Swissky
00684a10cd IIS asp shell with .asa, .cer, .xamlx 2019-11-16 14:53:42 +01:00
Swissky
639dc9faec .url file in writeable share 2019-11-14 23:54:57 +01:00
Swissky
3a384c34aa Password spray + AD summary re-org 2019-11-14 23:37:51 +01:00
Swissky
7f266bfda8 mitm ipv6 + macOS kerberoasting 2019-11-14 23:26:13 +01:00
M4x
221b353030
fix invalid link 2019-11-14 16:59:52 +08:00
Swissky
43f185d289 CVE-2019-1322 UsoSvc 2019-11-11 20:31:07 +01:00
Swissky
f6d5221a85 SID history break trust + Powershell history + SCF files 2019-11-07 23:21:00 +01:00
Swissky
24516ca7a1 Kubernetes attacks update + ref to securityboulevard 2019-11-05 11:05:59 +01:00
Swissky
60050219b7 Impersonating Office 365 Users on Azure AD Connect 2019-11-04 21:43:44 +01:00
Dave
775d10c256
Fix awk snippet 
A small typo in the awk one-liner prevents successful execution of the command.

```
awk: cmd. line:1: warning: remote host and port information (10.0.0.1>, 4242) invalid: Name or service not known
awk: cmd. line:1: fatal: can't open two way pipe `/inet/tcp/0/10.0.0.1>/4242' for input/output (No such file or directory)
```

This commit fixes this :)
 2019-11-03 16:07:16 +00:00
Dave
6b22d53257
Fix lua reverse shell quote issue 
The single quotes around `io.popen` prevented the one-liner to be executed.
This change should fix that :)
 2019-10-29 19:31:07 +00:00
Hi15358
34d8853728
Merge pull request #1 from Hi15358/patch-1 
Patch 1
 2019-10-29 16:30:58 +08:00
Swissky
727eb5cabd Drop the MIC 2019-10-21 23:00:27 +02:00
Swissky
11fc6e4bc5 NTLM relay + MS08-068 2019-10-20 22:09:36 +02:00
Hi15358
b54142c3a2
Update Reverse Shell Cheatsheet.md 2019-10-21 02:35:13 +08:00
Swissky
ed252df92e krb5.keytab + credential use summary 2019-10-20 13:25:06 +02:00
Swissky
7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
OOP
f0af3b4f4d
Update Active Directory Attack.md 2019-10-15 23:18:07 +07:00
Swissky
357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Mark
3fb2a9006f
Add Spyse to network discovery 
1. spyse itself 
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
 2019-09-30 15:26:26 +04:00
Swissky
3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky
742e3204d3 SharpPersist - Windows Persistence 2019-09-13 17:38:23 +02:00
Swissky
5455c30ec7 Juicy Potato + XXE update 2019-09-08 19:44:51 +02:00
Swissky
2b1900e046 PrivEsc - sudoers + Upload PHP 2019-09-02 12:36:40 +02:00
Swissky
3ca07aeb7a Docker Privesc - Unix socket 2019-08-30 17:25:07 +02:00
Alexandre ZANNI
72c54b5c1b
add missing backtick 2019-08-29 09:49:09 +02:00
Swissky
bb305d0183 Network Discovery - Masscan update 2019-08-29 01:08:26 +02:00
Swissky
6c161f26b2 JWT None alternative + MS15-051 2019-08-22 23:03:48 +02:00
David B
3fd0791c2a
Update Linux - Privilege Escalation.md 
Adding a tool that helps with privilege escalation on linux through SUDO.
 2019-08-19 00:55:30 +02:00
Swissky
8dffb59ac5 Pspy + Silver Ticket + MSSQL connect 2019-08-18 22:24:48 +02:00
Swissky
4a176615fe CORS Misconfiguration 2019-08-18 12:08:51 +02:00